"3M Advocate Aurora Health Patients Face PHI Exposure Tied to Tracking Pixels"
Advocate Aurora Health informed 3 million patients of a data breach that may have exposed Protected Health Information (PHI). The breach was caused by the nonprofit health system's use of Google and Meta tracking pixels, which are widely used tools for tracking website visitor activity. Novant Health notified 1.3 million patients in August that the use of Meta pixel code on its website may have exposed PHI. The Markup and STAT co-published a report that discovered the Meta pixel tracker was being used on hundreds of hospital websites. While pixels are commonly used, the report discovered the pixel installed within multiple password-protected patient portals and scheduling forms. When the tracker was present, data packets were allegedly sent to Facebook whenever a button to schedule a doctor's appointment was clicked. Facebook allegedly received highly sensitive Protected Health Information (PHI), such as medical conditions and doctors' names, all of which could be linked to the user's unique IP address. This article continues to discuss Advocate Aurora Health discontinuing its use of tracking pixels after discovering that they potentially resulted in patient PHI exposure.